SHA256: 994ae585418d430bf60e55316f5b8a1ac66aeb8c276449a5a4531fb4ca441a8e
File name: oset.exe
Detection ratio: 38 / 70
Analysis date: 2018-12-14 02:52:03 UTC ( 5 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.GenericKD.31413948 20181214
AegisLab Trojan.Win32.Propagate.4!c 20181213
Avast Win32:Malware-gen 20181214
AVG Win32:Malware-gen 20181214
Avira (no cloud) TR/AD.SmokeLoader.gcxhh 20181214
BitDefender Trojan.GenericKD.31413948 20181214
Comodo Malware@#30xsj7fkepzaa 20181214
CrowdStrike Falcon (ML) malicious_confidence_60% (W) 20181022
Cybereason malicious.0f1241 20180225
Cylance Unsafe 20181214
Cyren W32/GenBl.66C0EAA4!Olympus 20181214
DrWeb Trojan.Fbng.8 20181214
Endgame malicious (high confidence) 20181108
ESET-NOD32 a variant of Win32/Kryptik.GNRT 20181213
Fortinet W32/GenKryptik.CNMT!tr.ransom 20181213
GData Win32.Trojan-Downloader.SmokeLoader.LBTU2T 20181213
Ikarus Win32.Outbreak 20181213
Sophos ML heuristic 20181128
K7AntiVirus Trojan ( 005437fe1 ) 20181213
K7GW Trojan ( 005437fe1 ) 20181213
Kaspersky Trojan.Win32.Propagate.cji 20181213
MAX malware (ai score=100) 20181214
McAfee RDN/Generic.grp 20181213
McAfee-GW-Edition Artemis!Trojan 20181213
Microsoft Trojan:Win32/Tiggre!plock 20181213
Palo Alto Networks (Known Signatures) generic.ml 20181214
Panda Trj/GdSda.A 20181213
Qihoo-360 Win32/Trojan.ea0 20181214
Rising Trojan.Kryptik!8.8 (TFE:5:5G2WKM3aCZT) 20181213
Sophos AV Troj/Agent-BAIJ 20181213
Symantec ML.Attribute.HighConfidence 20181213
Tencent Win32.Trojan.Propagate.Wqmy 20181214
Trapmine malicious.high.ml.score 20181205
TrendMicro TROJ_GEN.F0C2C00LD18 20181213
TrendMicro-HouseCall TROJ_GEN.F0C2C00LD18 20181213
VIPRE LooksLike.Win32.Crowti.b (v) 20181213
Webroot W32.Trojan.Gen 20181214
ZoneAlarm by Check Point Trojan.Win32.Propagate.cji 20181214
AhnLab-V3 20181213
Alibaba 20180921
ALYac 20181214
Antiy-AVL 20181214
Arcabit 20181214
Avast-Mobile 20181213
Babable 20180918
Baidu 20181207
Bkav 20181213
CAT-QuickHeal 20181213
ClamAV 20181214
CMC 20181213
eGambit 20181214
Emsisoft 20181213
F-Prot 20181213
F-Secure 20181213
Jiangmin 20181213
Kingsoft 20181214
Malwarebytes 20181213
eScan 20181213
NANO-Antivirus 20181213
SentinelOne (Static ML) 20181011
SUPERAntiSpyware 20181212
Symantec Mobile Insight 20181212
TACHYON 20181213
TheHacker 20181213
TotalDefense 20181213
Trustlook 20181214
VBA32 20181213
ViRobot 20181213
Yandex 20181213
Zillya 20181213
Zoner 20181214
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
FileVersionInfo properties
Copyright
ASUSTek Computer Inc.

Product ATK Media
Original name DMedia.exe
Internal name DMedia
File version 2, 0, 26, 1
Description ATK Media
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 2016-12-06 11:28:22
Entry Point 0x00005BD6
Number of sections 5
PE sections
PE imports
CreatePolygonRgn
CreatePen
PtInRegion
DeleteObject
Ellipse
CreateSolidBrush
VirtualProtect
GetStartupInfoA
GetModuleHandleA
_except_handler3
__p__fmode
_CxxThrowException
__CxxFrameHandler
_acmdln
_ftol
_adjust_fdiv
__setusermatherr
__dllonexit
_setmbcp
_exit
exit
_XcptFilter
__getmainargs
_initterm
_controlfp
_onexit
??1type_info@@UAE@XZ
__p__commode
__set_app_type
InflateRect
EnableWindow
GetSystemMetrics
EnumWindowStationsW
UpdateWindow
Number of PE resources by type
RT_ICON 5
RT_VERSION 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 6
CHINESE TRADITIONAL 1
PE resources
ExifTool file metadata
UninitializedDataSize
0

LinkerVersion
6.0

ImageVersion
0.0

FileSubtype
0

FileVersionNumber
2.0.26.1

LanguageCode
Chinese (Traditional)

FileFlagsMask
0x0017

FileDescription
ATK Media

ImageFileCharacteristics
No relocs, Executable, No line numbers, No symbols, 32-bit

CharacterSet
Unicode

InitializedDataSize
151552

EntryPoint
0x5bd6

OriginalFileName
DMedia.exe

MIMEType
application/octet-stream

LegalCopyright
ASUSTek Computer Inc.

FileVersion
2, 0, 26, 1

TimeStamp
2016:12:06 12:28:22+01:00

FileType
Win32 EXE

PEType
PE32

InternalName
DMedia

ProductVersion
2, 0, 26, 0

SubsystemVersion
4.0

OSVersion
4.0

FileOS
Win32

Subsystem
Windows GUI

MachineType
Intel 386 or later, and compatibles

CompanyName
ASUSTek Computer Inc.

CodeSize
20480

ProductName
ATK Media

ProductVersionNumber
2.0.26.0

FileTypeExtension
exe

ObjectFileType
Executable application

File identification
MD5 66c0eaa4bbaf2a019032e2ba18dfe979
SHA1 934bb0d0f12417e1797c5c2e17f12d981c186bd8
SHA256 994ae585418d430bf60e55316f5b8a1ac66aeb8c276449a5a4531fb4ca441a8e
ssdeep
3072:tClEDPBAWJJgekoU2iaVNQwKDc6AFXE/2KmuV:t8EDPB5LgIU2iQ+sUu

authentihash 138f10e7afc195748b0e6ef9e3f8d2f4d8975ccf420d000cb64339e76fa32c94
imphash 9d57a23d7e6c003502467a4d57fcf4fc
File size 160.0 KB ( 163840 bytes )
File type Win32 EXE
Magic literal
PE32 executable for MS Windows (GUI) Intel 80386 32-bit

TrID Win64 Executable (generic) (45.0%)
Microsoft Visual C++ compiled executable (generic) (26.9%)
Win32 Dynamic Link Library (generic) (10.7%)
Win32 Executable (generic) (7.3%)
OS/2 Executable (generic) (3.3%)
Tags
peexe

VirusTotal metadata
First submission 2018-12-13 05:12:48 UTC ( 5 months, 1 week ago )
Last submission 2019-05-10 01:16:03 UTC ( 2 weeks ago )
File names DMedia
oset.exe
DMedia.exe
66c0eaa4bbaf2a019032e2ba18dfe979
output.114704675.txt
package350_VirusShare_66c0eaa4bbaf2a019032e2ba18dfe979
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Opened files
Read files
Written files
Created processes
Code injections in the following processes
Opened mutexes
Runtime DLLs